An application I'm writing requires the execution of potentially malicious code to be executed on a host system. The code only interacts with stdin, stdout, and stderr, and should not attempt to interact with the filesystem or network.

I've restricted network access through a firewall rule, and filesystem access through running the process as an unprivileged user created through NetUserAdd with CreateProcessWithLogonW. Finally, I assign the process to a job object that limits memory and active processes.

This works fine on Windows 8, but when I tested it on a Windows 7 machine (the deployment platform), I found that AssignProcessToJobObject failed with an access denied, despite running as administrator. From this answer, I found that

So while this works on Windows 8, which allows nested job objects, it fails on Windows 7 and under.

The same answer suggests spawning an agent process under the Secondary Logon service and using it to spawn the process with the CREATE_BREAKAWAY_FROM_JOB flag. However, when attempting this, the agent's CreateProcess call fails with 5 ERROR_ACCESS_DENIED, because the job Secondary Logon puts the agent in does not allow breakaways.

How can I assign a process created under another user to a job object on Windows 7?

Solution

OK, I've done some experimentation, and can confirm that both CreateProcessWithLogonW() and CreateProcessWithTokenW() put the newly created process into a job object.

However, CreateProcessAsUser() does not. So this is probably the best workaround, though it does require the "Replace a process level token" privilege.
You can either run the code from a context that already has this privilege (i.e., a service configured to run as local service or network service) or you can grant the privilege to the user account that will be used to run the code.

See also Shattering the myths of Windows security at the Invisible Things Lab's blog (and in particular the linked whitepaper) which describes various issues with running potentially malicious code in a limited user account.
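The workaround from the answer above, as an added example (not code from the question or the answer): `run_in_job` is a hypothetical helper that logs the sandbox user on with LogonUserW, starts the child suspended with CreateProcessAsUserW, and resumes it only after AssignProcessToJobObject has succeeded. It assumes the caller holds the "Replace a process level token" privilege, is not itself running inside a job, and that the account may use the caller's window station and desktop; the `#else` branch exists only so the file compiles off Windows.

```c
#ifdef _WIN32
#include <windows.h>

/* Added example; run_in_job is a hypothetical helper, not from the page.
   Runs cmdline as user under a fresh job object; returns 0 or a Win32 error. */
DWORD run_in_job(LPCWSTR user, LPCWSTR password, LPWSTR cmdline,
                 SIZE_T max_bytes, DWORD max_procs)
{
    HANDLE token = NULL, job = NULL;
    JOBOBJECT_EXTENDED_LIMIT_INFORMATION lim = {0};
    STARTUPINFOW si = {0};
    PROCESS_INFORMATION pi = {0};
    DWORD err = 0;
    si.cb = sizeof si;
    lim.BasicLimitInformation.LimitFlags = JOB_OBJECT_LIMIT_PROCESS_MEMORY |
        JOB_OBJECT_LIMIT_ACTIVE_PROCESS | JOB_OBJECT_LIMIT_KILL_ON_JOB_CLOSE;
    lim.BasicLimitInformation.ActiveProcessLimit = max_procs;
    lim.ProcessMemoryLimit = max_bytes;
    if (!LogonUserW(user, L".", password, LOGON32_LOGON_INTERACTIVE,
                    LOGON32_PROVIDER_DEFAULT, &token) ||
        !(job = CreateJobObjectW(NULL, NULL)) ||
        !SetInformationJobObject(job, JobObjectExtendedLimitInformation,
                                 &lim, sizeof lim) ||
        /* Suspended: no child code runs before the limits are attached. */
        !CreateProcessAsUserW(token, NULL, cmdline, NULL, NULL, FALSE,
                              CREATE_SUSPENDED, NULL, NULL, &si, &pi)) {
        err = GetLastError();
    } else if (!AssignProcessToJobObject(job, pi.hProcess)) {
        err = GetLastError();
        TerminateProcess(pi.hProcess, 1);   /* never let it run unconfined */
    } else {
        ResumeThread(pi.hThread);
        WaitForSingleObject(pi.hProcess, INFINITE);
    }
    if (pi.hThread) CloseHandle(pi.hThread);
    if (pi.hProcess) CloseHandle(pi.hProcess);
    if (job) CloseHandle(job);       /* KILL_ON_JOB_CLOSE ends any leftovers */
    if (token) CloseHandle(token);
    return err;
}
#else  /* not Windows: the Win32 API is unavailable, report that */
#include <stddef.h>
unsigned long run_in_job(const wchar_t *user, const wchar_t *password,
                         wchar_t *cmdline, size_t max_bytes, unsigned long max_procs)
{
    (void)user; (void)password; (void)cmdline; (void)max_bytes; (void)max_procs;
    return 120; /* numeric value of ERROR_CALL_NOT_IMPLEMENTED */
}
#endif
```

On Windows, link against advapi32.lib, which provides LogonUserW and CreateProcessAsUserW.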